Consumers and businesses face a growing tide of malicious software that threatens the stability and performance of their computers and the security of their data. For example, computer programmers with malicious intent have created and continue to create and propagate viruses, Trojans, spyware, worms, and other programs (collectively known as “malware”) in an attempt to compromise computer systems.
Many providers of security software attempt to combat malware by creating and deploying malware signatures (i.e., data constructs that identify one or more properties or characteristics of a known item of malware) to their customers on a regular basis. Security software installed on the computing device of each customer may then use these deployed signatures to determine whether the customer's device contains malware by iterating through the individual properties or characteristics of each application package installed on the customer's device. For example, security software may scan a customer's device for malware by (1) identifying each application package installed on the customer's device and then, for each installed application package, (2) identifying relevant properties or characteristics of the installed application package and (3) determining whether the identified properties or characteristics of the installed application package match any of the sets of properties or characteristics contained in each of the deployed signatures.
Unfortunately, the length of time required to complete the above-described malware scan may be directly proportional to the number of application packages installed on a computing device, such that malware scans of devices having many installed application packages may take much longer to complete than scans of devices having few installed application packages. As such, the instant disclosure identifies a need for improved systems and methods for performing malware scans.